In mid-March 2020, as the COVID-19 pandemic was exploding in the US, the attack came. Hackers hit the Department of Health and Human Services with a breach of its systems, unleashing a disruption and disinformation campaign designed to undermine the US response to the pandemic.

As the country’s focus shifted to the health and wellbeing of residents and healthcare workers, cyber criminals shifted into overdrive, launching an increased number of attacks. Conference app Zoom, now being used by people to connect with friends, family, and coworkers, was the target of repeated hijackings, or “Zoom-bombing” events in which hackers gained access to private chats and broadcast inappropriate material to all participants.

At the same time, Maze ransomware attacks also increased. Maze attackers utilize multiple methods of intrusion to breach systems and encrypt data, which locks companies out of their systems and can halt business operations. However, there is an even more harmful risk in a Maze attack – the perpetrators also threaten to publicly release confidential and proprietary company information in order to extort a ransom payment.

Unfortunately, when a major event draws the attention and energies of the entire world, it is prime time for cyber criminals to wreak havoc. Almost as quickly as the virus grew in the US, hackers were taking advantage of the COVID-19 pandemic, launching phishing attacks, trying to capitalize on the increased demand for information and guidance.

With more employees working remotely, companies should expect more phishing attempts and more exposure to potential system breach. Yet while phishing methods have not changed, the messages hackers are using to breach systems are echoing current events.

One study of phishing email volume and COVID-19-related threats reveals that the current pandemic represents the “largest coalescing of cyber attack types around a single theme” possibly in history.

Preventing breach

Fortunately, the same methods for preventing breach are ones that your company can apply right now to thwart the increased risks.

Business continuity planning: The most effective response to a phishing attack should begin before any attack occurs. Build a business continuity plan that helps your company both prevent and respond to cyberattacks or breaches.

Gather a designated team of key personnel assigned to specific response roles and conduct tabletop exercises. Your team can experience a breach scenario and learn how to work under the pressure of an event. Incident response planning, including tabletop exercises, will help your team understand common pitfalls and will help identify important facets of an actual event, including who needs to be part of the response team.

Employee education: The best line of defense in any phishing attempt is your employees. Take steps to increase your employees’ education in both recognizing and reporting phishing emails. We recommend the following vetting process:

Who is the sender? Check email addresses. Is the address recognizable? Is there a chance this email address has been spoofed?

Were you expecting an email from this person? When in doubt, call. Verify that the person listed actually sent the email.

Think before you click. When in doubt, don’t click on any links or attachments. Doing so could unleash malware.

Never download anything without verifying that it came from a legitimate source. If you can’t verify it, report it to the designated department.

Never share access, logins, financial data, or personal information.

Implement a two- or three-part verification system. Hackers have been known to spoof email addresses from managers, then request bank transfers. Have a process in place that requires two people within the company to verify by voice the request and require your financial institution to do so as well.

Avoid using emailed links as much as possible. Particularly with donation requests, hackers can obtain financial information by posing as a charity. Instead, go directly to the charity’s website and donate from there.

Keep software up-to-dateEven the basic practice of installing regular patches and updates can protect your systems from breach. Updates often contain fixes to security flaws and any bugs that could create open doors for hackers. Simply updating these programs regularly can strengthen your security.

Don’t be the easiest targetThe easier your system is to breach, the less prepared your employees are against phishing scams, the more likely hackers will exploit these gaps in security. Making it more difficult for hackers to gain access means they are that much more likely to move on to easier targets.

Keep your security plan active. Require regular password changes. Get the buy-in of your entire organization and make security part of the culture.

Ongoing safetyEven in the midst of a global crisis, cyber thieves will continue to operate and even increase their activities. Your company should be aware that hackers have shifted the message to capitalize on the pandemic and our thirst for information and advice.

While their methods have changed, the advice for thwarting thieves remains the same, and already recommended best practices can help protect your company’s systems.

No matter what the crisis, expect hackers to be ready to exploit it. By strengthening both your employees’ training and your system readiness, your company can strengthen its security posture and help decrease the chance of a breach.

Related Resources

Fast Fast Forward

How to identify disinformation around COVID-19

March 30, 2020

During times of crisis, the growing demand for information and clarity creates opportunities for spreading disinformation. As the demand for reliable and regular information outstrips the supply of guidance and advice by national authorities, the gap is filled by other, unofficial and unverified, sources

Cyber security in the time of coronavirus

March 24, 2020

Changing working patterns
With the ongoing spread of coronavirus, government guidance is changing rapidly. In many countries, healthy individuals are being asked for the first time to avoid unnecessary public exposure, for example at large gatherings, on public transport … and in the workplace.
As

It comes as no surprise that cyberattacks are a top concern among many organizations. Within the last ten years alone, cyber risks have become the fifth most likely global risk, ranking just below “massive data fraud and theft.”
It is a risk that many organizations believe will get worse

THIS AXA WEBSITE USES COOKIES

AXA XL, as a controller, uses cookies to provide its service, improve user experience, measure audience engagement, and interact with users’ social network accounts. We won't set optional cookies unless you enable them. You can disable them at any time.

For more detailed information on the cookies used for this website, you can read our Cookie Policy.